While PowerShell version 3 will load the module automatically,
PowerShell version 2 requires you to be more explicit.
This was missing in from 239fa1e3c7. We discovered this in
interactive debugging session with Hounsou Dansou.
Change-Id: I88db408c00b8d880cec08a14086e605e99ff8799
Normally, PoSh-Ohai will return it's data as JSON. However, if
PowerShell version 3 is not available, we get data back as XML.
We now attempt to parse the returned text XML if we cannot parse it as
JSON first. We raise a SystemInfoInvalid exception if we cannot parse
the data as either JSON or XML. The SystemInfoNotJson and
SystemInfoMissingJson exceptions are no longer raised since they don't
make sense when the command can return two formats.
Change-Id: I6972595e6322d35c99fb6297565625fdb1cd951e
Added options to the ohai_solo install, remove and execute methods to
allow installation of ohai-solo to somewhere other than /opt. This is
required because it lets us get around some change control policies.
Change-Id: I72d051f78c5316e6077891978c65a60ece1dd4de
Pep8 tests were failing due to an error in requirements.txt
pep8 was specified as allowing from 1.5.7, with no minimum version.
Flake8 however fails with versions >1.6.
Added this requirement, and also fixed errors from pep8 tests
Change-Id: I24cb0ff34d6a28a6932a8df1206add287aca1e29
* Add subprocess.Popen wrapper in common
* Change bash.py and smb.py to use wrapper.
Because subprocess.Popen uses os.fork() to spawn child processes, it may
be desirable for a calling application to override subprocess.Popen with
a custom class that implements a different spawning method - such as
posix_spawn. With large-memory applications, posix_spawn may be more
desirable than os.fork() due to memory allocation behavior. This change
allows Satori to be compatible with such a workflow.
Change-Id: Ia60adea27d1a6cbf28341ea3aece5ee604a94583
Closes-Bug: #1412485
The old code was constructing the shell command like this:
echo -e """%s""" | python
However, shells don't do triple quoting like Python. What happens
instead is that the first pair of quotes become an empty string and
disappears. The second set of quotes quote the Python code and the
third pair of quotes also disappear.
To correctly quote the argument, one should instead wrap it in
single-quotes and take care to replace internal single-quotes with an
escaped version that first ends the previously quoted string, inserts
a single-quote and begins a new quoted string. The new shellquote
function does this.
When using this function, the -e flag is not needed or desired: it
will prematurely evaluate escape sequences that would otherwise have
been evaluated by Python.
Change-Id: I19166575b0d9b9e9836d072abab8ce0fbb2af7f2
Closes-Bug: 1401542
Replace URLs for workflow documentation to appropriate parts of the
OpenStack Project Infrastructure Manual.
Change-Id: I7ab5c3b3adf08844296e479922af8195ec7d6603
1. Detects failed authentication message from Windows systems
and raises SatoriSMBAuthenticationException
2. Detects error message stating that the user has been locked
out of a Windows system and raises SatoriSMBLockoutException
3. Detects error message stating shared access flags are
incompatible on a Windows system and raises
SatoriSMBFileSharingException
Consolidates (DRY) the logic which listens to command output in
smb.py so that the custom Exceptions mentioned above can be raised
if any of the known error output is encountered.
Unchanged: A non-zero exit status with an unknown error message
raises a SubprocessError including that error message.
Previously, all error messages corresponding to non-zero exit codes
were "unknown".
Closes-Bug: #1389034
Change-Id: I157adfe9034177f7975473ff96f29fc17c6ad12b
root_password was not being passed through from the RemoteClient
to the SSH client instantiation.
Change-Id: I4cd61821dd9fbe099bcdc2097807446d4072f9c4
Closes-Bug:#1362666
This replaces the URLs for Ohai-Solo and Posh-Ohai to use a
rackspace.com domain in order to help properly identitfy the source of
the packages and prevent confusion to users on what is being done.
In the future, this URL should be fully customizable to allow for
someone to host their own Ohai-Solo/Posh-Ohai packages if they so
choose.
Closes-Bug: #1386745
Change-Id: If2b58846eb47c550614a94d73bdf33ac79ff9cf5
If a root_password is supplied to the RemoteShell
initialization ( where applicable ), 'su -' will be
used to escalate the command, regardless of the user
that logged in. This effectively means that two passwords
may be supplied when instantiating RemoteShell, 'password'
and 'root_password'. Of course, if the username is actually
"root", the logic will infer that the corresponding password
may act as 'root_password'. The standard procedure will
be to simply use the "sudo" prefix if escalate=True on
remote_execute().
In the previous implementation, to run a command as su, you
would have to explicitly include the prefix with your command.
This change allows the executor logic to determine how to
proceed, and the caller will only need to call remote_execute
with escalate=True, like so:
client = RemoteShell('123.123.123.5', username='bob',
password='bobsecret',
root_password='secret')
# in this case, 'su -' will be used to escalate
client.remote_execute('mkdir /things', escalate=True)
The second feature added to remote_execute with this change is
the allow_many keyword. To prevent your RemoteShell client from
executing the same command twice, pass allow_many=False. This
will run `ps -ef |grep -v grep|grep -c <your command>` and ensure
that the response is "0".
client.remote_execute('echo not twice!', allow_many=False)
If the command is found to be running already, a
SatoriDuplicateCommandException will be raised.
Change-Id: I993472ecadebd67cb0bde49e692c1924c6d5c88e
Implements: blueprint allow-non-sudo-escalation
The caller can disable this option on calls to
remote_execute() which will automatically close
the connection after successful execution.
NOTE: This is a significant logical change in the
logic of remote_execute. The previous version of
the method closed the connection *by default* each
time remote_execute was called. This changes that
behavior to be completely opposite, where the
connection will always remain open *unless* keepalive
is set to False, like so:
# automatically closes the connection
client.execute('echo hello', keepalive=False)
the default will keep the connection alive:
# both commands run on the same transport instance
client.execute('echo hello one')
client.execute('echo hello two')
This change also adds the context managers to RemoteShell,
so that you can ensure that the connection will be closed
without having to rely on the controversial __del__(), which
has also been implemented for RemoteShell in this submission.
To use the context manager ( with statement ):
with RemoteShell('123.123.123.2') as client:
client.execute('echo hello')
client.execute('echo again')
The sysinfo providers will now use the context manager
implementation. See `get_systeminfo` in ohai_solo.py
and posh_ohai.py
Change-Id: I267f7efe0f588c5bdc83b419c01997a69378c308
Implements: blueprint remain-open-post-remote-execute
This change is to remove the dependency on a custom version of impacket.
This dependency was necessary because the serviceinstall example inside
impacket did not support custom service/executable names but always
generated a random name for both and a change of the example was very
unlikely to be merged upstream.
Further to that, two minor bugs were fixed
- satori.smb.SMBClient.create_tunnel() was calling
satori.tunnel.connect() which has been removed, this has been
changed to now use the constructor: satori.tunnel.Tunnel()
- satori.tunnel.Tunnel.serve_forever() was calling self.start
instead of self.tunnel_thread.start()
Minor style fixes have also been made. Further to that, the
serviceinstall example is not provided under an Apache2 license and
therefore H102 needs to be ignored by tox.
Change-Id: I04f48bf08f9361833cb607faa74ece26a48ea02d
This change adds the capability to satori to do data plane
discovery on Windows devices. For that, a class has been
added that mirrors the functionality of satori/ssh.py and
utilizes a "3rd party" script (satori/contrib/psexec.py)
which is called via subprocess.Popen(). Further to that, an
SSH tunneling class has been put in place that uses paramiko
to establish a tunnel (similar to running ssh -L from a shell).
requirements.txt has been extended to include impacket which
satori/contrib/psexec.py imports.
Move support for PoSH-Ohai into its own provider module.
Raise UnsupportedPlatform exceptions in ohai_solo.py
when the client is non-linux, and raise the same
exception in posh_ohai.py when the client is non-windows.
Co-Authored-By: Nico Engelen <engelen.nico@googlemail.com>
Co-Authored-By: Samuel Stavinoha <samuel.stavinoha@rackspace.com>
Change-Id: I7a94eea9446bc7f57843407fb98880222f7af6af
Implements: blueprint windows-support
Changes to python-whois require updates to dns unittests.
Updates pep8 requirement from jcrocholl/pep8 Issue#240:
Fix was merged into pep8 1.5.7
Updates hacking requirement to fix VersionConflict
Change-Id: I44deeb5f7b164f6a40d4eabc68630f373ea2167a
Implements: blueprint dependency-fix
Closes-Bug: #1347093
Removes fragile, bulky code and provides a more robust solution,
as well as negating the depedency on a local ssh program.
Coincident updates:
- renames keyword argument 'proxy' to 'gateway' and updates
close() method to handle the closure of that connection as well
- renames underlying RemoteShell client to _client attribute
- uses this attribute to access methods
Change-Id: Ie1ce9f19fbe5bb4341fb6721e3069c1d267be95f
Implements: blueprint reimplement-ssh-proxy
`domain_info` makes the assumption that only a domain is being passed to
it. This patch adds an `ip_info` and a `netloc_info` to handle ip
addresses or domain.
`ip_info` expects an IP only and will error if the string that is
passed to it is not a valid IP address.
`netloc_info` will attempt to determine if the string that is passed to
it is an IP or a domain, and call the appropriate function.
Change-Id: I34baf3b2ee94bd866531f94d3073fe83098f1046
Implements: blueprint ip-and-netloc-info
Switch notation from
value = d.key
to
value = d.get('key') # in optional cases
value = ['key'] # in required cases
Unittests for config dictionary make use of mock.patch.dict
Change-Id: Ib688dd13e1e3df9a82b3f0377064be8e6c765e55
Closes-Bug: #1301020
This change no longer requires users of the Satori module to fake
an argparse object to set configuration values.
Change-Id: I61a1086bf16befe3dc9e45ba739790ed99eeb446
Implements: blueprint poc-config-object
When `domain_info` is passed an invalid domain, it would attempt to
parse the registered domain and eventually pass a blank string to
`pythonwhois.get_whois`. This causes an exception of "No root WHOIS
server found for TLD." This is a valid exception, but we should not make
it this far to get this exception.
Instead, this patch will raise an exception of `SatoriInvalidDomain` if
domain_info attempted to be used with an invalid domain.
Change-Id: Ie30b9a01b39d92d8bfeb7f3a80d333fa4bb30d49
Closes-Bug: #1295391
Closes-Bug: #1293670
Relax requirements to simplify installation
Bumped version by version until an error appeared.
I did this per dependency, so I did not take into
account any incompatibilities between specific
versions of dependencies.
Change-Id: I59b5d386c674e628924909348a38966b76ae88dc
Since the system info plugin was defaulting to ohai-solo this
commit moves the check for the user's intention up.
Change-Id: Iccbbd882371131c930f7a951cc88c5628c290464
Closes-Bug: 1295315
All versions before 2.15.0 are not compatible with python 3.3. This
change will restrict to that version or newer for python 3 only. PBR
will look at requirements-py3.txt, if present, and install a newer version
of python-novaclient.
Change-Id: I00298dcd2e479f0683bf7884e68e88912a5cb1b7
Implements: blueprint relaxed-novaclient-version
When there is a custom message in `.bashrc` on certain fedora based
distros, the string will be included in the stdout. This will pull out
the following JSON string, if present, and attempt to parse that.
Change-Id: I7d0d4e9b36924664d158c62baf8cdef163bd1d85
Closes-Bug: #1294851
Other modules could want access to these functions in the future
and this cleans up satori/discover.py.
Change-Id: I6954e073c16150e90525218d1d8a15525db70110
This is a prototype of a discovery module that
connects to a server and gathers information about
how it is configured.
Change-Id: Ide2d75769ae21befcab6886b9cfd12b7ef19ea8d
Monty Taylor